Proton

Proton Mail Upgrades SSL Certificates

UPDATE 11 October 2021: We are now using Let’s Encrypt(new window) as the Certificate Authority that verifies the SSL certificates used to secure the Proton Mail and Proton VPN web sites. For more information on this, and for instructions on how to check the validity of our certificate, please see Proton Mail’s TLS/SSL Certificate(new window).

Last week, we underwent the process of fortifying our SSL certificates. As part of our effort to provide the highest level of security and privacy to our users, we have upgraded every single certificate that we use.

The new SSL certificates have several marked improvements over the previous ones.

  • All certificates now use the highest strength 4096-bit RSA
  • proton.me now uses an Extended Validation certificate
  • All certificates are now hashed using the stronger SHA256 algorithm


These changes can already be seen when you visit Proton Mail by the presence of a green bar in the URL.

SSLCertBar(new window)

Our new certificates are issued by SwissSign(new window) which is a wholly owned by Swiss Post, a public institution owned by the Swiss Confederation and not under US or EU control.

In addition to the new certificates, we have also implemented much stronger SSL encryption. The SSL encryption algorithms we support now provide Perfect Forward Secrecy(new window) and our servers are now configured to always use the strongest possible encryption for client connections. As a result, Proton Mail is graded A+ on our SSL report.

sslgrade(new window)

To learn how to manually verify your connection to Proton Mail to avoid a MITM attack(new window), you can view our knowledge base article on this topic here(new window).

We are committed to your security and privacy online and in the future you can look forward to further improvements.

Related articles

A cover image for a blog describing the next six months of Proton Pass development which shows a laptop screen with a Gantt chart
Take a look at the upcoming features and improvements coming to Proton Pass over the next several months.
The Danish mermaid and the Dutch parliament building behind a politician and an unlocked phone
We searched the dark web for Danish, Dutch, and Luxembourgish politicians’ official email addresses. In Denmark, over 40% had been exposed.
Infostealers: What they are, how they work, and how to protect yourself
Discover insights about what infostealers are, where your stolen information goes, and ways to protect yourself.
Mockup of the Proton Pass app and text that reads "Pass Lifetime: Pay once, access forever"
Learn more about our exclusive Pass + SimpleLogin Lifetime offer. Pay once and enjoy premium password manager features for life.
A cover image for a blog announcing that Pass Plus will now include premium SimpleLogin features
We're changing the price of new Pass Plus subscriptions, which now includes access to SimpleLogin premium features.
Infinity symbol in purple with the words "Call for submissions" and "Proton Lifetime Fundraiser 7th Edition"
It’s time to choose the organizations we should support for the 2024 edition of our annual charity fundraiser.